New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add an AddressSanitizer build option #65236
Comments
Adding a compile option to build with ASAN (https://code.google.com/p/address-sanitizer) could allow us to catch many memory-related errors (stack/buffer overflows, etc). Of course, the second step would be to setup buildbots to use this flag. |
Note that ASAN will interfere with the faulthandler's module (since it sets up its own signal handlers), so if we were to incorporate it into the test suite, that's something we should look after. |
I'd like to move this forward: it could IMO be a great way to proactively detect potential security defects, and nasty stack/heap/memory corruption in general. The remaining - missing - part is buildbot integration: AFAICT the only specific thing to do is to start the process with the ASAN_OPTIONS environment variable set to "handle_segv=0", to avoid interference with faulthandler. But I'm not really familiar with the buildbot support, so if anyone has a clue... |
I can add environment variables and configure options specific to a buildbot. Just tell me which ones (and which buildbot (preferably yours ? :-)). That said, it would be better if you first check said options work locally. |
I wasn't clear, but I did test it, and it works: the only problem I
Yeah, I barely have a day-to-day machine, so I'm afraid I can't help here :-) I guess we could go for any non-stable buildbot meeting the following criteria:
But it would be great if someone could test the patch locally on a $ patch -p1 < ~/asan.diff && autoconf && autoheader && ./configure
--with-address-sanitizer && make
$ ASAN_OPTIONS=handle_segv=0 ./python -m test -vG -uall |
Hmm... perhaps Stefan would like to set something up? |
How do we spot any ASAN issues, though? Does ASAN change the process' return code on errors? |
It aborts:
$ cat /tmp/test.c
int main(int argc, char *argv[])
{
int bar[16] = {0};
} You obviously don't see here, but it also colors the output in a terminal :-) |
Being a correctness tool hipster, of course I already have the latest toy. :) The patch works on Debian 64-bit + clang. I can set up a VM. We may have to react quickly to some of the issues. |
Thanks for testing it.
That would be great.
Exactly. |
Antoine, if you send me the buildbot credentials, we can get started. Environment vars: CC=clang
ASAN_OPTIONS="allocator_may_return_null=1,handle_segv=0" I suggest to compile the release build, just --with-address-sanitizer. |
New changeset 17689e43839a by Charles-François Natali in branch 'default': |
I just pushed the patch. Stefan, did you have time to setup a buildbot? |
The VM is set up. It's on an external unreliable host though. :) |
OK, great, let's see what happens! |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: